CVE-2024-28760

Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise versions 11.0.0.1 through 11.0.0.25 IBM App Connect Enterprise versions 12.0.1.0 through 12.0.12.0

Description The issue is related to the improper restrictions of resource allocation in the Dashboard component of IBM App Connect Enterprise, which can lead to a denial of service (DoS) attack. This can be exploited by a remote attacker, allowing them to disrupt service.

Recommendations For IBM App Connect Enterprise versions 11.0.0.1 through 11.0.0.25, update to a version outside of this range to resolve the issue. For IBM App Connect Enterprise versions 12.0.1.0 through 12.0.12.0, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the Dashboard component to minimize the risk of exploitation.